The AhRat trojan was injected in a screen recording application that had amassed more than 50,000 downloads via Google Play.
The post Android App With 50,000 Downloads in Google Play Turned Into Spyware via Update appeared first on SecurityWeek.
Join thousands of attendees as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack. (Register Now)
The post Virtual Event Today: Threat Detection and Incident Response Summit appeared first on SecurityWeek.
Iranian threat actors use a Windows kernel driver called ‘Wintapix’ in attacks against Middle East targets.
The post Iranian Hackers Using New Windows Kernel Driver in Attacks appeared first on SecurityWeek.
A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware.
The post Millions of Smartphones Distributed Worldwide With Preinstalled ‘Guerrilla’ Malware appeared first on SecurityWeek.
Exploitation of a critical vulnerability in the Essential Addons for Elementor WordPress plugin started immediately after a patch was released.
The post 1 Million WordPress Sites Impacted by Exploited Plugin Vulnerability appeared first on SecurityWeek.
A DDoS botnet named AndoryuBot has been seen exploiting CVE-2023-25717, a recent remote code execution vulnerability affecting Ruckus access points.
The post AndoryuBot DDoS Botnet Exploiting Ruckus AP Vulnerability appeared first on SecurityWeek.
The recently identified Fleckpe Android trojan has infected over 600,000 users in Southeast Asia via Google Play.
The post New Android Trojans Infected Many Devices in Asia via Google Play, Phishing appeared first on SecurityWeek.
Meta says it disrupted the new NodeStealer malware, which likely has Vietnamese origins, within weeks after it emerged.
The post Meta Swiftly Neutralizes New ‘NodeStealer’ Malware appeared first on SecurityWeek.
Russian cybercrime group TA505 has been observed using new hVNC malware called Lobshot in recent attacks.
The post New ‘Lobshot’ hVNC Malware Used by Russian Cybercriminals appeared first on SecurityWeek.
The Iranian government has been using the BouldSpy Android malware to spy on minorities and traffickers.
The post ‘BouldSpy’ Android Malware Used in Iranian Government Surveillance Operations appeared first on SecurityWeek.
